Re: Security framework question
Re: Security framework question
- Subject: Re: Security framework question
- From: Andreas Monitzer <email@hidden>
- Date: Wed, 11 Jul 2001 14:29:41 +0200
On Wednesday, July 11, 2001, at 01:23 , Ed Silva wrote:
Well, after some digging I found that keeping a tool in the App bundle
isn'
t the only way to do it.
It turns out that if you make the application binary (ie:
MyApp.app/Contents/MacOS/MyApp) sutuid root it works just fine. The way I
figured this out was by looking at NetInfo Manager.app:
-rwsrwxr-x 1 root admin 175944 Jun 21 14:45 NetInfo Manager*
This seems much more reasonable to me than creating a separate tool to do
the job, but I wonder if there are security consequences.
Any thoughts (good or bad) on a setuid root app binary?
1. It's a big security risk
2. You have to use Apple's Installer to distribute the App, which can
cause many problems (like changed permissions somewhere, wiped
/Applications or something else)
andy
--
Discussion forthcoming.